DIP 1025--Dynamic Arrays Only Shrink, Never Grow--Community Review Round 1

Uknown sireeshkodali1 at gmail.com
Mon Nov 11 16:47:19 UTC 2019


On Monday, 11 November 2019 at 16:36:57 UTC, Paolo Invernizzi 
wrote:
> 
> "This change is a __necessary__ part of evolving D toward being 
> memory safe without using a GC"
>
> This is a bold statement that needs to be addressed with a 
> little explanation of why there are no alternatives.
>
> I think it's not acceptable to suffer such a huge pain, without 
> having a clear understanding that there was a deep analysis on 
> potential alternative solutions, and an explanation of why they 
> are not sufficient for the scope.
>
> Just to be clear, why is @nogc not enough?
>
> Thanks

A lot of people are bringing it up, so I'll bite. The problem 
with @nogc is that it doesn't cover all cases. Imagine the code 
given in the DIP like this instead:

---lib.d

// Appends to a slice it does not own; nothing here requires @nogc
void f(int[] x) @safe pure nothrow
{
     x ~= 0;
}

---main.d

void main() @safe
{
     import lib: f;
     import std.container : Array;

     Array!int x = [0, 1, 2, 3, 4];

     // `slice` is assumed to be a plain int[] view over x's malloc'd buffer
     f(slice);
     // x's dtor will try to free an invalid pointer
}

Clearly here main does something that seems safe on the surface. 
But in actuality it is clearly unsafe code. And it's hard to 
verify, because main and the libraries used are written by 
completely different people.

